Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-04-18 | CVE-2000-0083 | Unspecified vulnerability in HP Hp-Ux 10/11 HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. | 4.6 |
| 2000-04-16 | CVE-2000-0291 | Buffer Overflow vulnerability in SUN Staroffice 5.1 Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. | 4.6 |
| 2000-04-14 | CVE-2000-0254 | Unspecified vulnerability in Craig Dansie Shopping Cart 3.0.4 The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | 5.0 |
| 2000-04-12 | CVE-2000-0288 | Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable. network low complexity | 5.0 |
| 2000-04-12 | CVE-2000-0283 | Unspecified vulnerability in SGI Irix The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon. | 6.4 |
| 2000-04-12 | CVE-2000-0282 | Unspecified vulnerability in Talentsoft Web+ 4 TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2000-04-12 | CVE-2000-0258 | Improper Input Validation vulnerability in Microsoft products IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability. | 5.0 |
| 2000-04-11 | CVE-2000-0252 | Unspecified vulnerability in Craig Dansie Shopping Cart 3.0.4 The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable. | 5.0 |
| 2000-04-11 | CVE-1999-0695 | Unspecified vulnerability in Sybase Powerdynamo 3.0.652 The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. | 5.0 |
| 2000-04-09 | CVE-2000-0273 | Unspecified vulnerability in Symantec Pcanywhere 8.0/9.0 PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. | 5.0 |